CVE-2019-13923

Name of the Vulnerable Software and Affected Versions IE/WSN-PA Link WirelessHART Gateway (All versions)

Description The issue is related to the implementation of the WirelessHART protocol in the IE/WSN-PA Link gateway, specifically concerning the lack of protection for the web page structure. This could allow a remote attacker to perform cross-site scripting (XSS) attacks. For a successful exploitation, user interaction is required, and the user must be logged into the web interface. At the time of publishing, no public exploitation of this issue is known.

Recommendations For all versions, to mitigate the risk of cross-site scripting attacks, consider restricting access to the integrated configuration web server until a fix is available. Additionally, avoid accessing suspicious or malicious links while logged into the web interface. At the moment, there is no information about a newer version that contains a fix for this vulnerability.